Device Networks

Device ExternalNetwork provide context that can be used for authenticating Remote Devices.

Remote Devices are using an ISP network of some kind, be it cellular, DSL, cable, fixed-point wireless, etc.

The Redwood filter engine detects which network the device is connecting by analyzing both the reverse DNS hostname and Start of Authority (SOA) of the IP address. If the IP address has neither the reverse DNS or SOA specified, Network detection will fail.

The Log Cabin Console has a large number of networks predefined. If your device is not on one of these predefined networks, create a new network from the relevant Reverse DNS or SOA information.

Finding the Reverse DNS

Find the reverse DNS hostname of an IP:

  1. Linux or OS X: host
  2. Windows: nslookup

Finding the SOA

Find the Start of Authority (SOA) hostname of an IP:

  1. Linux or OS X: host -t soa
  2. Windows: nslookup -type=soa
[root@system ~]# host domain name pointer

The relevant part of the hostname is the TLD plus one segment. From the example above, the hostname to use is:

CIDR Notation

CIDR Notated IP Ranges are also supported, but should only be used if the IP does not have reverse DNS or SOA information available.